aboutsummaryrefslogtreecommitdiffstats
path: root/net/sunrpc/auth_unix.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/sunrpc/auth_unix.c')
-rw-r--r--net/sunrpc/auth_unix.c36
1 files changed, 15 insertions, 21 deletions
diff --git a/net/sunrpc/auth_unix.c b/net/sunrpc/auth_unix.c
index 52c5abdee211..dc37021fc3e5 100644
--- a/net/sunrpc/auth_unix.c
+++ b/net/sunrpc/auth_unix.c
@@ -18,8 +18,8 @@
18 18
19struct unx_cred { 19struct unx_cred {
20 struct rpc_cred uc_base; 20 struct rpc_cred uc_base;
21 gid_t uc_gid; 21 kgid_t uc_gid;
22 gid_t uc_gids[NFS_NGROUPS]; 22 kgid_t uc_gids[NFS_NGROUPS];
23}; 23};
24#define uc_uid uc_base.cr_uid 24#define uc_uid uc_base.cr_uid
25 25
@@ -65,7 +65,8 @@ unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
65 unsigned int i; 65 unsigned int i;
66 66
67 dprintk("RPC: allocating UNIX cred for uid %d gid %d\n", 67 dprintk("RPC: allocating UNIX cred for uid %d gid %d\n",
68 acred->uid, acred->gid); 68 from_kuid(&init_user_ns, acred->uid),
69 from_kgid(&init_user_ns, acred->gid));
69 70
70 if (!(cred = kmalloc(sizeof(*cred), GFP_NOFS))) 71 if (!(cred = kmalloc(sizeof(*cred), GFP_NOFS)))
71 return ERR_PTR(-ENOMEM); 72 return ERR_PTR(-ENOMEM);
@@ -79,13 +80,10 @@ unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
79 groups = NFS_NGROUPS; 80 groups = NFS_NGROUPS;
80 81
81 cred->uc_gid = acred->gid; 82 cred->uc_gid = acred->gid;
82 for (i = 0; i < groups; i++) { 83 for (i = 0; i < groups; i++)
83 gid_t gid; 84 cred->uc_gids[i] = GROUP_AT(acred->group_info, i);
84 gid = from_kgid(&init_user_ns, GROUP_AT(acred->group_info, i));
85 cred->uc_gids[i] = gid;
86 }
87 if (i < NFS_NGROUPS) 85 if (i < NFS_NGROUPS)
88 cred->uc_gids[i] = NOGROUP; 86 cred->uc_gids[i] = INVALID_GID;
89 87
90 return &cred->uc_base; 88 return &cred->uc_base;
91} 89}
@@ -123,21 +121,17 @@ unx_match(struct auth_cred *acred, struct rpc_cred *rcred, int flags)
123 unsigned int i; 121 unsigned int i;
124 122
125 123
126 if (cred->uc_uid != acred->uid || cred->uc_gid != acred->gid) 124 if (!uid_eq(cred->uc_uid, acred->uid) || !gid_eq(cred->uc_gid, acred->gid))
127 return 0; 125 return 0;
128 126
129 if (acred->group_info != NULL) 127 if (acred->group_info != NULL)
130 groups = acred->group_info->ngroups; 128 groups = acred->group_info->ngroups;
131 if (groups > NFS_NGROUPS) 129 if (groups > NFS_NGROUPS)
132 groups = NFS_NGROUPS; 130 groups = NFS_NGROUPS;
133 for (i = 0; i < groups ; i++) { 131 for (i = 0; i < groups ; i++)
134 gid_t gid; 132 if (!gid_eq(cred->uc_gids[i], GROUP_AT(acred->group_info, i)))
135 gid = from_kgid(&init_user_ns, GROUP_AT(acred->group_info, i));
136 if (cred->uc_gids[i] != gid)
137 return 0; 133 return 0;
138 } 134 if (groups < NFS_NGROUPS && gid_valid(cred->uc_gids[groups]))
139 if (groups < NFS_NGROUPS &&
140 cred->uc_gids[groups] != NOGROUP)
141 return 0; 135 return 0;
142 return 1; 136 return 1;
143} 137}
@@ -163,11 +157,11 @@ unx_marshal(struct rpc_task *task, __be32 *p)
163 */ 157 */
164 p = xdr_encode_array(p, clnt->cl_nodename, clnt->cl_nodelen); 158 p = xdr_encode_array(p, clnt->cl_nodename, clnt->cl_nodelen);
165 159
166 *p++ = htonl((u32) cred->uc_uid); 160 *p++ = htonl((u32) from_kuid(&init_user_ns, cred->uc_uid));
167 *p++ = htonl((u32) cred->uc_gid); 161 *p++ = htonl((u32) from_kgid(&init_user_ns, cred->uc_gid));
168 hold = p++; 162 hold = p++;
169 for (i = 0; i < 16 && cred->uc_gids[i] != (gid_t) NOGROUP; i++) 163 for (i = 0; i < 16 && gid_valid(cred->uc_gids[i]); i++)
170 *p++ = htonl((u32) cred->uc_gids[i]); 164 *p++ = htonl((u32) from_kgid(&init_user_ns, cred->uc_gids[i]));
171 *hold = htonl(p - hold - 1); /* gid array length */ 165 *hold = htonl(p - hold - 1); /* gid array length */
172 *base = htonl((p - base - 1) << 2); /* cred length */ 166 *base = htonl((p - base - 1) << 2); /* cred length */
173 167
generated by cgit v1.2.2 (git 2.25.0) at 2025-09-20 11:18:55 -0400